OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2011 Google Inc. All rights reserved. | 2 * Copyright (C) 2011 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
75 | 75 |
76 if (m_state == Failed) | 76 if (m_state == Failed) |
77 return; | 77 return; |
78 | 78 |
79 if (!m_cueParser) | 79 if (!m_cueParser) |
80 m_cueParser = VTTParser::create(this, m_document); | 80 m_cueParser = VTTParser::create(this, m_document); |
81 | 81 |
82 m_cueParser->parseBytes(data, length); | 82 m_cueParser->parseBytes(data, length); |
83 } | 83 } |
84 | 84 |
85 void TextTrackLoader::corsPolicyPreventedLoad() | 85 void TextTrackLoader::corsPolicyPreventedLoad(SecurityOrigin* securityOrigin, co
nst KURL& url) |
86 { | 86 { |
87 DEFINE_STATIC_LOCAL(String, consoleMessage, ("Cross-origin text track load d
enied by Cross-Origin Resource Sharing policy.")); | 87 String consoleMessage("Text track from origin '" + SecurityOrigin::create(ur
l)->toString() + "' has been blocked from loading: Not at same origin as the doc
ument, and parent of track element does not have a 'crossorigin' attribute. Orig
in '" + securityOrigin->toString() + "' is therefore not allowed access."); |
88 m_document.addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, conso
leMessage); | 88 m_document.addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, conso
leMessage); |
89 m_state = Failed; | 89 m_state = Failed; |
90 } | 90 } |
91 | 91 |
92 void TextTrackLoader::notifyFinished(Resource* resource) | 92 void TextTrackLoader::notifyFinished(Resource* resource) |
93 { | 93 { |
94 ASSERT(this->resource() == resource); | 94 ASSERT(this->resource() == resource); |
95 | |
96 if (!m_crossOriginMode.isNull() | |
97 && !m_document.securityOrigin()->canRequest(resource->response().url()) | |
98 && !resource->passesAccessControlCheck(m_document.securityOrigin())) { | |
99 | |
100 corsPolicyPreventedLoad(); | |
101 } | |
102 | |
103 if (m_state != Failed) | 95 if (m_state != Failed) |
104 m_state = resource->errorOccurred() ? Failed : Finished; | 96 m_state = resource->errorOccurred() ? Failed : Finished; |
105 | 97 |
106 if (m_state == Finished && m_cueParser) | 98 if (m_state == Finished && m_cueParser) |
107 m_cueParser->flush(); | 99 m_cueParser->flush(); |
108 | 100 |
109 if (!m_cueLoadTimer.isActive()) | 101 if (!m_cueLoadTimer.isActive()) |
110 m_cueLoadTimer.startOneShot(0); | 102 m_cueLoadTimer.startOneShot(0); |
111 | 103 |
112 cancelLoad(); | 104 cancelLoad(); |
113 } | 105 } |
114 | 106 |
115 bool TextTrackLoader::load(const KURL& url, const String& crossOriginMode) | 107 bool TextTrackLoader::load(const KURL& url, const String& crossOriginMode) |
116 { | 108 { |
117 cancelLoad(); | 109 cancelLoad(); |
118 | 110 |
119 FetchRequest cueRequest(ResourceRequest(m_document.completeURL(url)), FetchI
nitiatorTypeNames::texttrack); | 111 FetchRequest cueRequest(ResourceRequest(m_document.completeURL(url)), FetchI
nitiatorTypeNames::texttrack); |
120 | 112 |
121 if (!crossOriginMode.isNull()) { | 113 if (!crossOriginMode.isNull()) { |
122 m_crossOriginMode = crossOriginMode; | |
123 StoredCredentials allowCredentials = equalIgnoringCase(crossOriginMode,
"use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials; | 114 StoredCredentials allowCredentials = equalIgnoringCase(crossOriginMode,
"use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials; |
124 updateRequestForAccessControl(cueRequest.mutableResourceRequest(), m_doc
ument.securityOrigin(), allowCredentials); | 115 cueRequest.setCrossOriginAccessControl(m_document.securityOrigin(), allo
wCredentials); |
125 } else { | 116 } else if (!m_document.securityOrigin()->canRequest(url)) { |
126 // Cross-origin resources that are not suitably CORS-enabled may not loa
d. | 117 // Text track elements without 'crossorigin' set on the parent are "No C
ORS"; report error if not same-origin. |
127 if (!m_document.securityOrigin()->canRequest(url)) { | 118 corsPolicyPreventedLoad(m_document.securityOrigin(), url); |
128 corsPolicyPreventedLoad(); | 119 return false; |
129 return false; | |
130 } | |
131 } | 120 } |
132 | 121 |
133 ResourceFetcher* fetcher = m_document.fetcher(); | 122 ResourceFetcher* fetcher = m_document.fetcher(); |
134 setResource(fetcher->fetchRawResource(cueRequest)); | 123 setResource(fetcher->fetchRawResource(cueRequest)); |
135 return resource(); | 124 return resource(); |
136 } | 125 } |
137 | 126 |
138 void TextTrackLoader::newCuesParsed() | 127 void TextTrackLoader::newCuesParsed() |
139 { | 128 { |
140 if (m_cueLoadTimer.isActive()) | 129 if (m_cueLoadTimer.isActive()) |
(...skipping 28 matching lines...) Expand all Loading... |
169 } | 158 } |
170 | 159 |
171 void TextTrackLoader::getNewRegions(Vector<RefPtr<VTTRegion> >& outputRegions) | 160 void TextTrackLoader::getNewRegions(Vector<RefPtr<VTTRegion> >& outputRegions) |
172 { | 161 { |
173 ASSERT(m_cueParser); | 162 ASSERT(m_cueParser); |
174 if (m_cueParser) | 163 if (m_cueParser) |
175 m_cueParser->getNewRegions(outputRegions); | 164 m_cueParser->getNewRegions(outputRegions); |
176 } | 165 } |
177 | 166 |
178 } | 167 } |
OLD | NEW |